Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/pYXydYsa-LA5RaFHInXKctOl_xA.roa
File:                     pYXydYsa-LA5RaFHInXKctOl_xA.roa (raw, json)
Hash identifier:          NjqACNurafufRPvzPj5OMBvfIh9a19ECu9+QWRkm5ZY=
Subject key identifier:   A5:85:F2:75:8B:1A:F8:B0:39:45:A1:47:22:75:CA:72:D3:A5:FF:10
Certificate issuer:       /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial:       018FC668B7EE72957397FDB5CC079ABCEFCE
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/pYXydYsa-LA5RaFHInXKctOl_xA.roa
Signing time:             Wed 29 May 2024 22:11:42 +0000
ROA not before:           Wed 29 May 2024 22:11:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     1040
IP address blocks:        46.232.48.0/21 maxlen: 24
                          46.232.56.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:c6:68:b7:ee:72:95:73:97:fd:b5:cc:07:9a:bc:ef:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
        Validity
            Not Before: May 29 22:11:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a585f2758b1af8b03945a1472275ca72d3a5ff10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ab:12:4f:57:ca:66:59:04:da:db:89:54:07:
                    23:17:46:27:0d:47:ff:07:dc:9f:4d:61:b7:16:18:
                    98:fe:df:03:c6:1a:92:86:23:ea:8a:58:9a:c6:d6:
                    04:78:68:5a:1a:55:73:87:82:cb:fb:fd:a2:0a:13:
                    5f:31:e2:7c:dd:8c:4a:b4:3b:96:62:73:ea:dd:9f:
                    c7:b1:a9:3e:9a:9e:76:4f:34:89:9a:41:70:79:e2:
                    d6:25:6c:5e:4a:e8:8c:e6:dd:6e:6c:5a:a6:a4:4e:
                    20:ae:ce:94:56:62:0f:74:6d:12:47:00:95:10:e0:
                    5e:9f:18:a3:e5:fd:e1:ef:5a:ac:e3:c7:81:56:d1:
                    38:8c:98:07:3f:f5:49:ca:b4:2e:b0:9f:d5:1e:ba:
                    d2:b7:de:e7:37:43:bb:f2:4f:15:d3:9d:29:6d:4a:
                    cd:c1:ab:e8:78:49:3b:d9:fb:69:b9:89:59:0f:c8:
                    04:9a:05:e2:c3:7e:19:e4:36:11:c9:55:22:46:e1:
                    0b:46:b8:3b:6a:50:3b:7c:1c:8b:8b:bd:5d:50:ac:
                    a3:17:45:c0:ba:3f:a7:f7:3c:d2:d5:01:45:25:66:
                    cb:75:e2:7a:5a:8e:b2:95:37:24:55:42:8e:37:98:
                    55:e0:fd:8b:26:0c:97:8e:46:b7:77:a1:de:2f:61:
                    5e:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:85:F2:75:8B:1A:F8:B0:39:45:A1:47:22:75:CA:72:D3:A5:FF:10
            X509v3 Authority Key Identifier:
                keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/pYXydYsa-LA5RaFHInXKctOl_xA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.232.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         81:8c:96:1c:64:80:f7:70:0a:0a:53:72:1a:ca:2d:c0:e2:4a:
         2c:9f:7c:53:e7:58:7c:1e:c8:8d:00:5e:a9:6b:d9:92:91:8e:
         1a:45:bb:f7:0c:a7:8b:ca:59:a9:8d:c8:fb:46:3b:57:8a:e7:
         e9:1d:2c:4a:65:39:02:ba:15:94:52:2a:ed:1a:18:a9:65:ad:
         99:10:60:69:1d:aa:1f:57:4a:08:73:fb:37:56:e9:ec:57:11:
         cc:ee:fc:86:a1:22:fb:61:f9:e2:81:71:33:a4:d2:a0:ef:bb:
         80:07:91:14:dd:85:b9:f2:13:9d:7c:9e:94:c4:64:a9:c7:b3:
         c3:5b:00:56:13:22:4e:e6:73:93:9f:67:b9:ed:59:51:87:fe:
         ce:ca:90:9c:ec:97:8d:5d:2e:ac:83:67:f1:40:1f:08:60:41:
         0e:9b:2f:96:43:81:43:7a:79:b2:f2:12:a5:fb:62:1e:d2:8c:
         53:32:46:49:82:d2:ff:6b:fa:0f:03:bb:c6:6c:57:c1:93:87:
         3a:f9:6d:c4:44:60:4f:fb:bf:6f:b3:d5:f8:5a:82:a7:a9:f6:
         6c:f0:76:eb:0b:7b:3f:72:47:3a:f1:b0:59:2f:39:14:13:11:
         b0:87:a8:2d:81:37:81:98:e4:36:f0:d2:74:fa:ac:9d:28:76:
         fe:fb:29:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/GaLfucpVzl/21zAeavO/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwNTI5MjIxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg1ZjI3NThiMWFmOGIwMzk0NWExNDcyMjc1Y2E3MmQzYTVmZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqsST1fKZlkE2tuJVAcjF0YnDUf/
B9yfTWG3FhiY/t8DxhqShiPqiliaxtYEeGhaGlVzh4LL+/2iChNfMeJ83YxKtDuW
YnPq3Z/Hsak+mp52TzSJmkFweeLWJWxeSuiM5t1ubFqmpE4grs6UVmIPdG0SRwCV
EOBenxij5f3h71qs48eBVtE4jJgHP/VJyrQusJ/VHrrSt97nN0O78k8V050pbUrN
wavoeEk72ftpuYlZD8gEmgXiw34Z5DYRyVUiRuELRrg7alA7fByLi71dUKyjF0XA
uj+n9zzS1QFFJWbLdeJ6Wo6ylTckVUKON5hV4P2LJgyXjka3d6HeL2FeUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWF8nWLGviwOUWhRyJ1ynLTpf8QMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvcFlYeWRZc2EtTEE1UmFGSEluWEtjdE9sX3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELugwMA0G
CSqGSIb3DQEBCwUAA4IBAQCBjJYcZID3cAoKU3Iayi3A4kosn3xT51h8HsiNAF6p
a9mSkY4aRbv3DKeLylmpjcj7RjtXiufpHSxKZTkCuhWUUirtGhipZa2ZEGBpHaof
V0oIc/s3VunsVxHM7vyGoSL7YfnigXEzpNKg77uAB5EU3YW58hOdfJ6UxGSpx7PD
WwBWEyJO5nOTn2e57VlRh/7OypCc7JeNXS6sg2fxQB8IYEEOmy+WQ4FDenmy8hKl
+2Ie0oxTMkZJgtL/a/oPA7vGbFfBk4c6+W3ERGBP+79vs9X4WoKnqfZs8HbrC3s/
ckc68bBZLzkUExGwh6gtgTeBmOQ28NJ0+qydKHb++yk5
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:32:41 2024 by rpki-client on console-fra.rpki-client.org